New Banking Malware Launches Fake Live Chat

Below:

Next story in Security

A new breed of online banking malware has developed a scary skill
— it talks. If you want to hold onto your cash, don't talk back.

The clever cyberattack exploits the live chat feature on banking
websites in an attempt to pressure victims into divulging their
financial information, Amit Klein from the security firm
Trusteer explained.

When people log in to their online banking site, this new
malware, using a series of fake HTML and JavaScript injections,
stalls their session and informs them "security checks are being
performed."

The site, using convoluted language, then tells victims: "The
system couldn't identify your PC. You will be contacted by a
representative to confirm your personality. Please pass the
process of additional verification otherwise your account will be
locked. Sorry for any inconvenience, we are carrying about
security
of our clients. "

If the poor grammar doesn't raise a red flag, the malware attack
then presents users with a live online chat session that allows
the hackers to "perform real time fraud by enticing the victim to
sign/verify fraudulent transactions."

Given this browser exploit, Klein does not have a positive
outlook on the future of Web browser security.

"What's clear now is that the barbarians are taking control of
the browser," he wrote.

To keep malware authors at bay, it's crucial to keep your browser
up to date and also run strong anti-virus software on your
computer, a list of which can be found here.
And if you come across unsolicited messages, especially ones with
grammar and spelling mistakes, be suspicious and don't click any
links.